How Computer Security Will Evolve for Businesses in 2019


As we’ve combed through news articles and our own recent experiences with protecting businesses against cyber attacks, our cybersecurity specialists have spotted three cybersecurity trends that are on the rise. The cyber attack landscape is beginning to move away from basic methods toward more advanced techniques. With computer security becoming more of a priority for Connecticut and Massachusetts businesses, it’s helpful to watch for trends in the attack landscape.


Here are three of the biggest computer security trends to be on the lookout for and how we expect them to continue to evolve in 2019 and beyond:


1) Seeking and exploiting device vulnerabilities.


While this is already a popular and effective hacking strategy, cybercriminals are designing malicious attacks that purposefully bypass user interaction. When an attack depends on luring a user into clicking a malicious link or attachment, there’s a chance of success… but there’s no guarantee. Thus, criminals are taking users completely out of the equation and are now seeking ways to exploit vulnerabilities caused by laziness.

In 2017, the WannaCry and NotPetya outbreaks were two perfect examples of attacks that bypassed the end user to capitalize on unsecured, shared connection points. For example, business remote desktop applications and Microsoft’s RDP ports had been left open for the WannaCry creators to exploit. EternalBlue and other types of ransomware tapped into these vulnerabilities as well, so we expect this trend to only continue.

Does this mean that attacks primarily preying on unknowing users will cease to exist? Absolutely not, but as businesses and their employees become more educated on common methods to exploit their limited cybersecurity knowledge, hackers will adapt.

In order to plan for these attacks, cybersecurity and IT companies should begin with the oldest and most basic advice in the industry: keeping up with patches and updates for all business devices, especially enterprise-grade Wireless Access Points, servers, PCs, and firewalls. Thorough inspection and identification of open ports, as well as the implementation of security tools to spot malicious activity on both the network and the host, are highly recommended too.
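As an added illustration of the open-port inspection recommended above (this example is not part of the original article), the following Python sketch audits listening TCP sockets in the format printed by `ss -H -tln` on Linux. The sample output is constructed, and the allow-list and high-risk port table are assumptions: RDP (3389) is the port named in this post, and SMB (445) is included because it is the service EternalBlue targets.

```python
import ipaddress
from typing import NamedTuple

# Constructed sample in the format printed by `ss -H -tln` (not real host data).
SAMPLE_SS_OUTPUT = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 244 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 128 [::]:445 [::]:*
LISTEN 0 5 *:3389 *:*
LISTEN 0 128 192.168.1.10:8080 0.0.0.0:*
LISTEN 0 128 [::1]:631 [::]:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
"""

# Assumption: services that should never be reachable without a business reason.
HIGH_RISK = {3389: "RDP", 445: "SMB"}
# Assumption: ports this hypothetical host is expected to expose.
ALLOWED = {22, 443}


class Finding(NamedTuple):
    port: int
    address: str
    severity: str
    reason: str


def split_endpoint(endpoint):
    """Split 'host:port', handling [IPv6] brackets and %interface suffixes."""
    host, _, port = endpoint.rpartition(":")
    host = host.strip("[]").split("%", 1)[0]
    return host, int(port)


def is_loopback(host):
    """True only for listeners bound to a loopback address."""
    if host == "*":  # wildcard bind: every interface
        return False
    return ipaddress.ip_address(host).is_loopback


def audit_listeners(ss_output, allowed=ALLOWED):
    """Return findings for network-reachable listeners, high severity first."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # header, blank or non-listening line
        host, port = split_endpoint(fields[3])
        if is_loopback(host):
            continue  # not reachable from other machines
        if port in HIGH_RISK:
            findings.append(Finding(port, host, "high",
                                    f"{HIGH_RISK[port]} reachable from the network"))
        elif port not in allowed:
            findings.append(Finding(port, host, "review",
                                    "listener not on the allow-list"))
    return sorted(findings, key=lambda f: (f.severity != "high", f.port))


if __name__ == "__main__":
    for f in audit_listeners(SAMPLE_SS_OUTPUT):
        print(f"[{f.severity}] {f.address}:{f.port} - {f.reason}")
```

Run against real `ss -H -tln` output on each server, the same function gives a per-host list to compare with what the firewall is supposed to permit.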


2) Evading detection by hijacking legitimate programs.


This type of cybersecurity trend can be summed up in the common saying, “take their tactic and use it against them”. Hackers are hiding under the radar by leveraging helpful programs and using your own legitimate tools as a weapon.

NotPetya malware selected this method by using Windows Management tools to multiply the ransomware worm. Other types of malware are increasing their tactics to hijack PowerShell and Group Policy Object tools. These tools usually don’t raise red flags because they are legitimate programs used to manage large networks and aren’t identified by malware and antivirus scanners.

As a consequence, these legitimate programs are the “in” hackers desire in order to infect and spread malware. And since large networks use them, it creates an environment deadly to businesses where malware and cyber attacks are able to move quickly and undetected.

Of course, this increases the complexity for IT security teams because the line is starting to blur between malicious tools and administrative tools. Cybersecurity experts ought to re-evaluate the management tools and permissions on tools that have always been trusted for businesses. By disabling unused tools and components, the risk of attacks can be mitigated.


3) Increasing “plug-and-play” worm attacks.


Cyber attack campaigns are continuing to leverage more and more worm capabilities to spread quickly and laterally, making them a serious cyber threat that can extend far beyond the original infected network. If you’re not familiar with the various types of cyber attack methods, read our post 10 Cybersecurity Threats Every CEO Must Thwart.

For example, WannaCry’s worm component spread its file-encrypting ransomware to thousands of external victims, racking up over 400,000 infected machines in 150 countries in a few days.

Removing worms can be extremely difficult due to their persistent capabilities. Not only do they leave behind back doors to be exploited at a later time, but they also schedule computing tasks that reinstall them, disrupting businesses all over again. It’s a recurring cybersecurity nightmare for any company.

IT firms have to shift their tactics, looking beyond one single infected computer, to the entire network. Since a computer can be turned into a “zombie” or “slave” computer that spreads the infection instantly, entire networks can become crippled, both internally and externally. Investing in solid software that can block infections and detect ransomware is vital for any business. If you wait until you see evidence that a network has been compromised, it will already be too late.


The Underlying Point

The underlying point is this: As cybercriminals continue to shift their tactics, so too must computer and network protections for businesses. The best way to effectively defend against rapidly evolving malware campaigns is to utilize solutions that can identify common behaviors and elements that attackers use. Computer protections need to automatically stay up-to-date with new threats and provide real-time analysis.

It’s also important to proactively spot and plug device vulnerabilities that are often exploited in cyber attacks. Regular, in-depth Cybersecurity Risk Assessments for businesses can help to identify open ports, unsecured devices, weak network protections, and more.


If you’re looking for cybersecurity experts in Connecticut who understand business environments and what they need in order to stay protected, give Encompass IT Solutions a call at 860-785-6233 to schedule a free IT Assessment to find out where your business stands with its technology.


Small Business Technology Threats on the Rise


Ever since computers hit the business scene and hackers began to emerge a few decades ago, there has always been one consistent cybersecurity truth: hackers are constantly finding new targets and refining their weapons. Businesses everywhere, including small businesses in Connecticut and Massachusetts, need to be on the alert.

From large-scale data breaches to mining cryptocurrency, here are some of the biggest cybersecurity threats that are on the rise.


More Large-Scale Data Breaches

The Equifax credit agency cyberattack in 2017, which led to the theft of social security numbers, birth dates, and other PII (Personally Identifiable Information) data of almost half of U.S. citizens, was a bleak reminder that hackers can tackle both the big and small targets. It’d be more than safe to assume that other, smaller companies that handle lots of PII data will be targeted even more so in the next few years. Ponemon Institute’s 2017 Endpoint Risk Report states, “54% of companies experienced one or more successful attacks that compromised data and/or IT infrastructure”.


Ransomware Infecting the Cloud

Last year, we saw an epidemic of ransomware attacks, targeting vital organizations like Britain’s National Health Service, San Francisco’s light-rail network, and even FedEx. As destructive as it is, ransomware is actually a relatively simple form of malware that gets past most antivirus and anti-malware software, locking down computer files with strong encryption. The hackers then demand money or hard-to-trace cryptocurrencies like Bitcoin in exchange for the digital encryption key to unlock the data. Victims of ransomware will often pay, especially if the encrypted material hasn’t been backed up off the infected network. Some particularly monstrous strains of ransomware, such as WannaCry, have compromised over 250,000 computers across the world.

As a result, ransomware has only grown in popularity and to make matters worse, cybersecurity experts believe hackers will target cloud computing businesses in the years ahead. These cloud data storage providers house oceans of data for smaller companies in a cheaper, more secure server room environment. Some also run vital services, such as email and photo libraries. The biggest cloud computing companies, including Google, Amazon, and IBM, have hired some of the best cyber security experts, so they won’t be easy to attack. However, smaller companies are likely to be more vulnerable, and even a small data breach would prove profitable for the hackers involved. In fact, Verizon’s Data Breach Investigations Report found that “58% of malware attack victims are categorized as small businesses.”


Colossal Cyber-physical Attacks

We believe that more attacks targeting transportation systems, electrical grids, and other critical, global infrastructure will take place in the upcoming years. A portion could be designed to cause instant disruption, while others will probably involve more ransomware campaigns to hijack vital systems unless the victims pay quickly to recover control. With the Internet-of-Things and more older planes, trains, and ships with outdated technology defenses, vulnerabilities will be ripe for exploitation.


Rampant Cryptocurrency Mining


Another target for hackers around the world has been holders of Bitcoin and other digital currencies. But the theft of cryptocurrency isn’t the biggest threat to worry about in 2018; instead, it’s the theft of computer processing power. Feel free to check out our post with an in-depth explanation of crypto jacking and cryptocurrencies. 

In short, mining these currencies demands vast amounts of computing power to solve complex mathematical problems. Hackers hijack hundreds of computers in order to do such work. From the hacking of public Wi-Fi in an Argentine Starbucks to computers at a Russian oil company, crypto jacking is becoming more popular. And as currency mining grows, so will the temptation to breach many more computer networks.


The Good News

Blocking cybersecurity threats and keeping your business protected is possible by being proactive. Ensuring that business data backups are being protected in the cloud, that your IT infrastructure is highly secure, and that regular business technology checks are performed are just a few ways to move your business into a secure IT environment.


If you don’t have an IT company to rely on to button down your security, feel free to give us a call at (860) 785-6233. We provide in-depth Cybersecurity Risk Assessments to ensure that your business technology security is up to par.



Are Hackers Actually Targeting Small Businesses?


In the news, it seems like every month we learn about hackers trying to take down larger companies like Target, Sony, or Walmart, but are cybercriminals actually targeting small and medium-sized businesses with 1-100 employees in Connecticut? Is small business technology usually safe?


IT Safety in Numbers, Right?

As kids, we were taught the phrase “safety in numbers” by our parents, and small business owners often like to use that type of mindset when it comes to cybersecurity and data breaches. I’m just one tiny fish in a huge ocean. Why would my small business be targeted out of thousands in Connecticut or Massachusetts? Wouldn’t it make more sense for hackers to chase after the large corporations with more data and more money? Yes and no.

Small businesses are a much easier target for hackers due to their insufficient resources, insufficient cybersecurity awareness, and a large number of technical vulnerabilities to exploit. Hackers look for the easiest way to prey on the uneducated, since the risk of being caught is a lot lower.


The Facts about Small Business Data Loss

Symantec, one of the world’s leading cybersecurity technology companies, released their 2018 Internet Security Threat Report, stating “43% of cyber attacks targeted small business with less than 100 employees in 2017.” That’s a drastic increase compared to the mere 18% of attacks focused on small businesses just a few years back in 2011. In 2018, Verizon reported that “58% of malware attack victims are categorized as small businesses.” (Verizon’s 2018 Data Breach Investigations Report)

Unfortunately, data breaches hold devastating effects for businesses. Not only do they bring bad publicity, to the point that your clients won’t want to touch you with a 10-foot pole, but businesses that have taken a beating from a data breach often don’t survive. FEMA’s 2017 Report states that “more than 40% of businesses never reopen after a data breach disaster, and for those that do, only 29% were still operating after two years.”

But what about just temporary data loss? FEMA states that “those [small businesses with under 100 employees] that lost their information technology for 9 days or more after a disaster filed for bankruptcy within a year.”

Unfortunately, many CEOs don’t recognize the value of their QuickBooks files, client databases, and documents until it’s too late. That’s why it’s important to make sure your data backups and cybersecurity protections are in place to prevent data disasters.


Sophisticated Cyber Attack Methods

Cybersecurity threats are everywhere, and it’s hard to stay up-to-date with them because they are designed to attack in various combinations. It’s not just the common “Prince of Nigeria” or IRS scams anymore. For an overview of the common types of threats out there, see our post on 10 Cybersecurity Threats Every CEO Must Thwart.

Targeted phishing attacks, called “spear phishing”, are proving to be a serious cybersecurity issue for small business owners throughout Connecticut. In these attacks, hackers impersonate an employee of the company they are trying to attack. They’ll ask another employee or even a client to send them account credentials or money. In just this year alone, we’ve witnessed a few financial companies in Manchester and Hartford becoming victims of spear phishing and requiring a professional’s help to tighten their network security.

Even worse is that spear phishing is just one data breach tactic, and hackers are constantly coming up with new tactics to stay ahead of the game. For example, tricky cybercriminals are mimicking auto-response emails from online sites like Amazon, Walmart, or Verizon. Instead of a link to view your “most recent purchase” or “reset your password”, they place a link to malicious websites that automatically download spyware or ransomware to your computer. Sophisticated hackers may even set up a website that looks like the homepage of Amazon or Verizon with a customer login portal that collects your email and password credentials.

With the rising number of targeted attacks against businesses, small and large alike, it’s vital to understand how to keep your computers, servers, and network safe and secure.


Education is Key

One of the best ways to be proactive about cybersecurity is by training your employees to adhere to basic cybersecurity protection policies. Understanding the differences between the legitimate emails and the fake phishing ones, how to keep a clean desk and clear screen, as well as being able to identify the various types of cyber attacks are just a few topics to cover. According to IBM’s 2014 Security Report, “95% of data breaches are caused by employee mistakes.” And most mistakes are preventable.


If you’re uncertain that your employees could correctly identify a malicious attack, contact us here at Encompass IT Solutions in Manchester, CT for our Cybersecurity Employee Training. Find out how well your employees handle your essential business data, as well as give them access to educational videos on cybersecurity awareness. Give us a call at (860) 785-6233 if you have any questions.


Mobile Malware: The Forgotten Cybersecurity Gap


With the growing reliance on computers and technology, businesses establish Computer Use Policies to standardize cybersecurity measures and decrease the likelihood of data breaches. However, they tend to forget about other types of devices, such as smartphones and tablets.

Almost everyone has a smartphone, yet businesses have little to no cybersecurity standards on them.

Unfortunately, some business owners tend to forget that the smartphones in our hands are basically mini computers and haven’t stopped to consider the disadvantages of mobile use. With more and more employees relying on their tablets and cellphones to sneak in a few emails here or work remotely there, the risk of mobile malware only increases.


Mobile Malware Continues to Surge

According to Symantec’s 2018 Report, new mobile malware variants have increased 54% since 2017. Even though user error is a huge issue with mobile cybersecurity, there are ways to be proactive against hackers and malware.


Here are a few tips on how to combat mobile malware and keep your devices secure:


1. Get Antivirus and Malware Apps for Your Device.

Avira is a great option since it automatically scans other apps for malicious activity as you download them. Malwarebytes Security is another great option. You should definitely have both on your phone, if possible.


2. Run the Updates for Your Phone’s iOS or Android OS Version.

Even though smartphones and computers are often thought of as two different types of technology, they are very similar when you take them apart. Both pieces of technology use an OS (operating system) and require updates that install new security patches of code to block cyber attacks. Updating to the latest operating system is good cybersecurity hygiene. However, Symantec’s 2018 study found that only 20% of Android users are running the newest version of the Android OS, and only 2.3% are on the latest minor release. Minor releases in any OS contain security patches which help plug the security holes that developers find over time. That’s why it’s essential to make sure you’re installing the newest updates whenever you can.


3. Only Download Apps from the Google Play Store or iTunes App Store.

These popular app stores have specific regulations and tests that apps have to pass in order to be listed and distributed on the store. These tests usually include a malware test, but they don’t always pick up everything. However, it’s still better than downloading an app directly off a website or “software” store.


4. Choose Apps That Have High Ratings, High Download Numbers, and Come from Trusted Companies.

It’s very rare that an application with tons of high ratings and download numbers has malware. Chrome, Gmail, Yelp… These are larger companies that maintain their apps’ security to protect both their users and themselves.


5. Pay Attention to Those Permissions.

If a PDF viewing app is asking for permission to access your microphone/phone calls, it might be good to uninstall it. The application could contain malicious software created to “spy” or record data to use for blackmail. Mobile users also face privacy risks from “grayware” or “bloatware” apps that aren’t malicious, but can be troublesome. These apps devour CPU usage, storage, and RAM on your phone.


6. Delete Any Accounts and Apps that You Don’t Use.

Not only does this help keep your phone tidy, but it saves space and reduces the likelihood of stolen data. Your forgotten accounts and apps that you don’t update or use can become cybersecurity vulnerabilities. If you use similar passwords for your accounts, it would only take one gaming app leaking the password for it to be used on all of your other financial accounts.


7. Listen to Your Instincts.

Immediately delete apps that ask for personal information, such as social security numbers or bank account information. If the application is glitchy or won’t provide the functionality you downloaded it for, delete it. Be wary of apps that immediately take you to a fishy, specific URL in your internet browsing app.


When was the last time you considered the cybersecurity of your smartphone or mobile device? If you need help locking down your cybersecurity or creating a new Computer Use Policy that includes mobile devices, feel free to call Encompass IT Solutions at (860) 785-6233 for a Cybersecurity Risk Assessment for businesses.


10 Cybersecurity Threats Every CEO Must Thwart

It’s all over the news channels: data breaches and hackers wreaking havoc. Cybersecurity threats are everywhere, and it doesn’t help that there are multiple kinds of threats designed to attack in various ways. Businesses need to stay aware of the shifting cybersecurity landscape.


Here’s a quick overview of the different types of malware and threats that every business should know about, and the sort of damage they can cause:


1) Viruses

This threat is actually a computer program that is designed to infect other programs in order to spread. Side effects include altering your data in some way, either by stealing it, corrupting it, or completely deleting it, all usually without you noticing.


2) Spyware

This cybersecurity threat provides a hacker with an inside peek into a victim’s systems. It would allow them to design a specific attack that is more likely to succeed, based on the behaviors and habits of a user.


3) Computer Worm

As computer worms inch their way through your network, they infect as many of your devices as possible, including phones, tablets, computers, and servers. Encouraged by the number of connections the typical PC has to the outside, they try to spread their malware payload to as large a radius as possible. Side effects include reduced usability of your systems, as they copy themselves until your disk space and bandwidth are at capacity.


4) Rootkit

When accidentally installed, a rootkit provides an attacker with administrator access to a computer or network, which allows them to install more malicious programs or change vital settings on the computer to render it useless.


5) Trojan Horse

Named after the wooden horse of ancient Greece, this type of threat contains malicious bits of code that are disguised as a legitimate computer program. Once inside your device, side effects include the introduction of a keylogger to capture typed passwords on your computer or manipulation of a webcam.


6) Keylogger

These are malicious programs that record the keystrokes a user creates on their keyboard. They are extremely useful for hackers who are trying to gather login credentials for their target’s accounts, such as bank accounts or email accounts.


7) Phishing

This method of attack is used to gather credentials from targets, in which the malicious user tricks the victim by impersonation. Most often, this is demonstrated by email scams that have links to malicious websites with sign-in forms that often appear legit. A phisher might take a direct approach and pose as a trustworthy person through email correspondence, asking for passwords or providing unsafe website links.


8) Botnet

This threat is comprised of a web of interconnected computers that are infected and controlled by the malware distributor. Often called “zombie computers”, these computers are then used to further other attacks.


9) DDoS (Distributed Denial of Service)

These attacks are often the most damaging, as botnets and other types of malware are combined and assault a system with a large amount of traffic until it is rendered unusable, or temporarily disabled. While the system is trying to keep up with the amount of traffic, the hacker can steal any data they please.


10) Exploit

This threat takes advantage of a particular, unpatched vulnerability in a system. By regularly updating your system, you can cut down on the number of these attacks, but vigilance is the best way to stay ahead.


And More…

This is by no means a comprehensive list of every single cybersecurity threat out there, but it reinforces the fact that businesses need to pay attention to their technology. Since we rely so heavily on technology to run our businesses, it makes it all the more important to know that you’re protected and can easily recover from the disasters these malicious programs can cause.


If you think that you’ve been infected by one or more of these 10 cybersecurity threats, definitely alert your IT firm and make sure you have the proper protections in place.


Here at Encompass IT Solutions in Manchester, CT, we provide enterprise-grade antivirus and remote monitoring services to protect your business. If you’re concerned about your cybersecurity and the potential threats that could ruin your hard work, look into our Cybersecurity Risk Assessments or Employee Cybersecurity Training. If you have any questions, feel free to give us a call at (860) 785-6233.